Oops in pax_find_mirror (grsecurity-2.1.11-2.6.22.6-20070907

Posted: Tue Sep 18, 2007 1:26 am
by Alexei.Sheplyakov
Code:
[428352.327043] ------------[ cut here ]------------
[428352.327049] Kernel BUG at 0004f0d9 [verbose debug info unavailable]
[428352.327052] invalid opcode: 0000 [#1]
[428352.327054] SMP
[428352.327057] Modules linked in: des cbc blkcipher button nfsd exportfs rpcsec_gss_krb5 auth_rpcgss nfs nfs_acl ipt_MASQUERADE iptable_nat nf_nat tun xt_multiport ipt_iprange xt_mac nf_conntrack_ipv4 xt_state nf_conntrack ipt_LOG xt_limit xt_tcpudp iptable_filter ip_tables x_tables ext2 mbcache w83627hf hwmon_vid hwmon eeprom i2c_isa fuse mousedev tsdev snd_intel8x0 snd_ac97_codec ac97_bus snd_pcm_oss snd_pcm snd_mixer_oss snd_seq_dummy snd_seq_oss snd_seq_midi_event snd_seq snd_timer snd_seq_device snd soundcore snd_page_alloc intel_agp agpgart psmouse i2c_i801 evdev rng_core iTCO_wdt rtc xfs dm_mirror dm_snapshot dm_mod usb_storage ide_generic ide_disk ehci_hcd uhci_hcd usbcore thermal processor fan unix sd_mod scsi_mod lockd sunrpc isofs zlib_inflate ide_cd cdrom skge i2c_matroxfb i2c_algo_bit i2c_dev i2c_core matroxfb_crtc2 matroxfb_base matroxfb_DAC1064 matroxfb_accel matroxfb_Ti3026 matroxfb_g450 g450_pll matroxfb_misc piix ide_core fbcon tileblit font bitblit softcursor
[428352.327133] CPU:    0
[428352.327134] EIP:    0060:[<0004f0d9>]    Not tainted VLI
[428352.327135] EFLAGS: 00210206   (2.6.22.6-grsec-p4-smp #1)
[428352.327143] EIP is at pax_find_mirror_vma+0x90/0x99
[428352.327146] eax: 00005000   ebx: 00006000   ecx: de95417c   edx: de954284
[428352.327149] esi: 08538000   edi: 00101877   ebp: c31d7a50   esp: f7aefea0
[428352.327152] ds: 0068   es: 0068   fs: 00d8  gs: 0033  ss: 0068
[428352.327155] Process maxima (pid: 5054, ti=f7aee000 task=c31d7a50 task.ti=f7aee000)
[428352.327157] Stack: 00000001 de95417c 08538f88 0004d156 0005028b 00000000 00000000 68538000
[428352.327165]        68539000 de9547ac 00001ae0 de95417c e57d390c 08538f88 de95417c d620f100
[428352.327173]        08539000 00051643 00000001 00101877 deddcb58 eaf3d840 000004ef 00000000
[428352.327181] Call Trace:
[428352.327190]  [<0004d156>] __handle_mm_fault+0x42/0xb9f
[428352.327195]  [<0005028b>] vma_merge+0x326/0x334
[428352.327225]  [<00051643>] sys_mprotect+0x133/0x830
[428352.327232]  [<00101877>] proc_read_node+0x48/0x81
[428352.327248]  [<00101875>] proc_read_node+0x46/0x81
[428352.327275]  [<00015f47>] do_page_fault+0x34f/0x908
[428352.327290]  [<00100073>] pnp_bios_get_dev_node+0x11a/0x22e
[428352.327294]  [<001066b3>] tty_ioctl+0x0/0xdd0
[428352.327303]  [<00005401>] irq_entries_start+0x201/0xe00
[428352.327317]  [<00030002>] run_posix_cpu_timers+0x857/0x88b
[428352.327332]  [<000692f9>] vfs_ioctl+0x50/0x26a
[428352.327359]  [<00015bf8>] do_page_fault+0x0/0x908
[428352.327365]  [<001932d5>] error_code+0x85/0x90
[428352.327408]  =======================
[428352.327410] Code: 8b 41 44 3b 42 44 74 0c 0f 0b eb fe 0f 0b eb fe 0f 0b eb fe 8b 41 3c 3b 42 3c 75 ec 33 7a 14 81 e7 dd df ef ef 74 a4 0f 0b eb fe <0f> 0b eb fe 0f 0b 90 eb fd 57 56 53 83 ec 08 89 c6 89 cf 64 a1
[428352.327488] EIP: [<0004f0d9>] pax_find_mirror_vma+0x90/0x99 SS:ESP 0068:f7aefea0


It is very reproducible, in fact I get it whenever I try to run maxima
( http://maxima.sourceforge.net ). The kernel config is available at
http://theor.jinr.ru/~varg/web/linux/co ... -p4-smp.gz

I also have the following patch applied (it fixes Oops during NFSv4 [u]mount):
http://git.kernel.org/?p=linux%2Fkernel ... 4c5bb957a7
(I don't think this patch has anything to do with this particular error,
but just in case...)

Re: Oops in pax_find_mirror (grsecurity-2.1.11-2.6.22.6-2007

Posted: Fri Sep 21, 2007 4:35 pm
by PaX Team
Alexei.Sheplyakov wrote: It is very reproducible, in fact I get it whenever I try to run maxima ( http://maxima.sourceforge.net ).
thanks for the report, i managed to reproduce it and am debugging it now.

Re: Oops in pax_find_mirror (grsecurity-2.1.11-2.6.22.6-2007

Posted: Thu Sep 27, 2007 7:21 pm
by PaX Team
Alexei.Sheplyakov wrote: It is very reproducible, in fact I get it whenever I try to run maxima ( http://maxima.sourceforge.net ).
new patch is out, can you test it?

Re: Oops in pax_find_mirror (grsecurity-2.1.11-2.6.22.6-2007

Posted: Sun Sep 30, 2007 12:38 pm
by Alexei.Sheplyakov
PaX Team wrote: new patch is out, can you test it?


It looks like the bug is fixed. At least, I couldn't reproduce the Oops.
Thank you very much!